Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime
US Targets Russian Media and Hackers Over Election Meddling
DOJ Seizes Internet Domains, Announces Sanctions Against Russian Media ExecutivesThe United States on Wednesday accused Russia of carrying out a sustained campaign to influence the 2024 American presidential election and announced a series of sanctions and law enforcement actions that target state-sponsored hackers and media executives behind Kremlin influence operations.
See Also: OnDemand | 2024 Phishing Insights: What 11.9 Million User Behaviors Reveal About Your Risk
In a timed set of actions, the Department of Justice announced the seizure of 32 internet domains used by what it called "Russian government-directed foreign malign influence campaigns colloquially referred to as 'Doppelganger.'" Prosecutors unsealed indictments against at-large Russian nationals Kostiantyn Kalashnikov, 31, and Elena Afanasyeva, 27, for allegedly "secretly planting and financing a content creation company on U.S. soil" to disseminate Russian propaganda.
The Department of the Treasury sanctioned several top editors and management for the Russian state-funded news outlet RT, which it said "began an effort to covertly recruit unwitting American influencers" as part of its influence operations. Treasury accused Kalashnikov, RT's digital media projects manager, of implementing "a large-scale influence operation for RT on U.S. social media" beginning in early 2022.
Treasury said RT used a front company to hide its involvement in the Russian government influence campaign. RT began using Afanasyeva - an employee in the digital media projects department who was also sanctioned Wednesday - to covertly interact with prominent U.S. social media influencers "under the cover of a fake persona" that purported to be an employee at a U.S. company.
The sanctions also include members of the pro-Kremlin, self-proclaimed hacktivist group known as RaHDit, which Treasury said is composed of active and former Russian intelligence officers. Those include Aleksey Alekseyevich Garashchenko, the head of the group who previously served as an FSB officer, and Anastasia Igorevna Yermoshkina and Aleksandr Vitalyevich Nezhentsev, who both work with Garashchenko.
The Department of State simultaneously announced a new visa restriction policy and $10 million in rewards for anyone who can provide" information on foreign interference in U.S. elections" by RaHDit. The new restrictions will bar individuals who act on behalf of Kremlin-supported media organizations from engaging in covert influence operations, according to the department.
Attorney General Merrick Garland convened an early afternoon meeting of the Justice Election Threats Task Force, where he decried the Doppelganger campaign - which he said involved Russian companies Social Design Agency, Structura National Technology, and ANO Dialog operating under the direction of the Kremlin to covertly spread government propaganda. The campaign made it appear as though readers were accessing major U.S. news sites such as The Washington Post and Fox News.
Deputy Attorney General Lisa Monaco said in a statement the Russian companies used "cybersquatting, fabricated influencers and fake profiles to covertly promote AI-generated false narratives on social media" at Russian President Vladimir Putin's direction.
"Those narratives targeted specific American demographics and regions in a calculated effort to subvert our election," Monaco added.
Doppleganger activities included registering domains such as washingtonpost.pm
in an attempt to mimic reputable news organizations and even created unique media brands to promote Russian government messaging, according to an affidavit published Wednesday. Impersonating legitimate media publications - also known as cybersquatting - violates federal criminal trademark laws.
The Doppleganger campaign successfully manipulated users into believing they were reading authentic and trustworthy content from established news sources in part by running paid social media aids and using global social media influencers. The operation also featured fake profiles pretending to be U.S. citizens or citizens from countries other than Russia, who posted comments with links to the fake domains.
Internal planning documents from the Russian operation reveal that a top goal of the campaign was to "secure Russia's preferred outcome in the election," according to prosecutors. Garland said the sites seized Wednesday were "filled with Russian government propaganda" designed "to reduce international support for Ukraine, bolster pro-Russian policies and interests, and influence voters in the United States and other countries."
Updated Sept. 4, 2024 19:34 UTC: This story has been updated throughout.